217.74.6.97 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: Germany

Internet Service Provider: R-KOM Regensburger Telekommunikations GmbH & Co KG

Hostname: unknown

Organization: unknown

Usage Type: Fixed Line ISP

Comments:

Make a comment on this IP

Type	Details	Datetime
attackspam	Sep 9 06:36:29 ubuntu-2gb-nbg1-dc3-1 sshd[14754]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=217.74.6.97 Sep 9 06:36:32 ubuntu-2gb-nbg1-dc3-1 sshd[14754]: Failed password for invalid user admin from 217.74.6.97 port 36962 ssh2 ...	2019-09-09 16:53:29

Type

Details

Datetime

attackspam

Sep  9 06:36:29 ubuntu-2gb-nbg1-dc3-1 sshd[14754]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=217.74.6.97
Sep  9 06:36:32 ubuntu-2gb-nbg1-dc3-1 sshd[14754]: Failed password for invalid user admin from 217.74.6.97 port 36962 ssh2
...

2019-09-09 16:53:29

Comments on same subnet:

No discussion about this subnet yet..

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 217.74.6.97
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 55293
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;217.74.6.97.			IN	A

;; AUTHORITY SECTION:
.			2895	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019090900 1800 900 604800 86400

;; Query time: 1 msec
;; SERVER: 67.207.67.2#53(67.207.67.2)
;; WHEN: Mon Sep 09 16:53:24 CST 2019
;; MSG SIZE  rcvd: 115

Host info

97.6.74.217.in-addr.arpa domain name pointer 217-74-6-97.hsi.glasfaser-ostbayern.de.

Nslookup info:

Server:		67.207.67.2
Address:	67.207.67.2#53

Non-authoritative answer:
97.6.74.217.in-addr.arpa	name = 217-74-6-97.hsi.glasfaser-ostbayern.de.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
45.143.220.230	attack	[2020-03-20 07:47:06] NOTICE[1148] chan_sip.c: Registration from '"10" ' failed for '45.143.220.230:5871' - Wrong password [2020-03-20 07:47:06] SECURITY[1163] res_security_log.c: SecurityEvent="InvalidPassword",EventTV="2020-03-20T07:47:06.346-0400",Severity="Error",Service="SIP",EventVersion="2",AccountID="10",SessionID="0x7fd82c40aa58",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/45.143.220.230/5871",Challenge="1d681f56",ReceivedChallenge="1d681f56",ReceivedHash="d03bcb6d8247335d370db3cac8254f90" [2020-03-20 07:47:06] NOTICE[1148] chan_sip.c: Registration from '"10" ' failed for '45.143.220.230:5871' - Wrong password [2020-03-20 07:47:06] SECURITY[1163] res_security_log.c: SecurityEvent="InvalidPassword",EventTV="2020-03-20T07:47:06.443-0400",Severity="Error",Service="SIP",EventVersion="2",AccountID="10",SessionID="0x7fd82cdb8718",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/45.143.220. ...	2020-03-20 20:08:19
114.215.127.140	attackspam	404 NOT FOUND	2020-03-20 20:29:22
91.230.153.121	attack	Mar 20 12:53:45 debian-2gb-nbg1-2 kernel: \[6964327.924590\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:0e:18:f4:d2:74:7f:6e:37:e3:08:00 SRC=91.230.153.121 DST=195.201.40.59 LEN=40 TOS=0x10 PREC=0x60 TTL=245 ID=21647 PROTO=TCP SPT=41404 DPT=55433 WINDOW=1024 RES=0x00 SYN URGP=0	2020-03-20 20:04:51
189.4.1.12	attackbotsspam	Mar 20 07:02:54 haigwepa sshd[10778]: Failed password for root from 189.4.1.12 port 58634 ssh2 ...	2020-03-20 20:15:52
118.24.14.64	attackbots	$f2bV_matches	2020-03-20 20:34:36
42.114.30.13	attackspam	Attempt to attack host OS, exploiting network vulnerabilities, on 20-03-2020 03:50:17.	2020-03-20 20:23:52
194.26.29.113	attack	Mar 20 13:17:48 debian-2gb-nbg1-2 kernel: \[6965770.864416\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:0e:18:f4:d2:74:7f:6e:37:e3:08:00 SRC=194.26.29.113 DST=195.201.40.59 LEN=40 TOS=0x00 PREC=0x00 TTL=241 ID=64531 PROTO=TCP SPT=51401 DPT=219 WINDOW=1024 RES=0x00 SYN URGP=0	2020-03-20 20:35:07
195.54.166.5	attackspambots	03/20/2020-06:05:04.497390 195.54.166.5 Protocol: 6 ET SCAN NMAP -sS window 1024	2020-03-20 20:18:35
180.76.98.239	attackspambots	Mar 20 04:45:37 * sshd[11742]: Failed password for root from 180.76.98.239 port 50948 ssh2	2020-03-20 19:57:16
177.85.16.102	attackspam	Lines containing failures of 177.85.16.102 Mar 19 19:34:33 linuxrulz sshd[5992]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=177.85.16.102 user=r.r Mar 19 19:34:35 linuxrulz sshd[5992]: Failed password for r.r from 177.85.16.102 port 59161 ssh2 Mar 19 19:34:36 linuxrulz sshd[5992]: Received disconnect from 177.85.16.102 port 59161:11: Bye Bye [preauth] Mar 19 19:34:36 linuxrulz sshd[5992]: Disconnected from authenticating user r.r 177.85.16.102 port 59161 [preauth] Mar 19 19:45:23 linuxrulz sshd[8061]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=177.85.16.102 user=r.r Mar 19 19:45:25 linuxrulz sshd[8061]: Failed password for r.r from 177.85.16.102 port 50574 ssh2 Mar 19 19:45:27 linuxrulz sshd[8061]: Received disconnect from 177.85.16.102 port 50574:11: Bye Bye [preauth] Mar 19 19:45:27 linuxrulz sshd[8061]: Disconnected from authenticating user r.r 177.85.16.102 port 50574 [preauth........ ------------------------------	2020-03-20 20:17:37
91.241.144.21	attack	Attempt to attack host OS, exploiting network vulnerabilities, on 20-03-2020 03:50:17.	2020-03-20 20:23:23
188.166.247.82	attackspambots	Invalid user Michelle from 188.166.247.82 port 50334	2020-03-20 20:16:24
192.241.238.242	attackspam	Unauthorized connection attempt detected from IP address 192.241.238.242 to port 2638	2020-03-20 20:33:49
114.99.225.109	attackbotsspam	Mar 20 04:49:16 zimbra postfix/smtps/smtpd[21345]: lost connection after CONNECT from unknown[114.99.225.109] Mar 20 04:50:25 zimbra postfix/smtps/smtpd[21346]: warning: unknown[114.99.225.109]: SASL LOGIN authentication failed: authentication failure Mar 20 04:50:26 zimbra postfix/smtps/smtpd[21346]: lost connection after AUTH from unknown[114.99.225.109] Mar 20 04:50:26 zimbra postfix/smtps/smtpd[21346]: disconnect from unknown[114.99.225.109] ehlo=1 auth=0/1 commands=1/2 ...	2020-03-20 20:13:18
115.73.214.63	attackspambots	Attempt to attack host OS, exploiting network vulnerabilities, on 20-03-2020 03:50:15.	2020-03-20 20:28:26

Recently Reported IPs

27.187.248.137	171.161.200.86	189.67.137.113	170.202.101.77
62.63.52.83	84.245.108.117	100.8.14.69	206.208.108.251
201.66.230.67	52.14.22.115	122.226.234.142	34.240.33.34
61.12.7.249	31.26.202.67	63.223.106.43	71.6.233.157
165.17.118.74	203.189.232.38	117.93.116.149	196.88.51.2